US9473498B2ExpiredUtilityA1
Method for using java servlets as a stack based state machine
Est. expiryJun 25, 2024(expired)· nominal 20-yr term from priority
H04L 9/006G06F 9/5027H04L 63/10H04L 63/00H04L 67/14H04N 1/4413H04L 9/3226H04L 67/327H04L 29/06802H04L 63/0853H04L 67/63
47
PatentIndex Score
0
Cited by
13
References
34
Claims
Abstract
A client module downloaded by web browser from a server receives authentication information to open a smart card in a card reader and to initiate a secure network connection to a first server module running on a server. The client module calls a second server module running on the server. And the client module receives a new application for the smart card. Then the client module causes the smart card to delete an old application and load the new application. Each of the operations performed by client module occurs in a single session.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method, comprising the operations of:
using authentication information to open a smart card in a card reader and to initiate a secure network connection to a first server module running on a server;
calling a second server module running on the server, wherein the second server module is a reprovision module identified in a command received from another server module running on the server;
receiving a new application for the smart card; and
causing the smart card to delete an old application and load the new application, wherein each of the operations is performed in a single session by a client module downloaded by a web browser from the server and wherein the client module executes on one or more processors.
2. The method of claim 1 , further comprising the operation of:
instructing the new application to generate a Public Key Infrastructure (PKI) keypair.
3. The method of claim 1 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user.
4. The method of claim 1 , wherein the authentication information includes a card unique ID (CUID) received from the smart card.
5. The method of claim 1 , wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM).
6. The method of claim 1 , wherein the secure network connection is based at least in part on a master key for the smart card stored in a hardware security module (HSM) on the server.
7. The method of claim 1 , wherein the applications are applets and the server modules are servlets.
8. The method of claim 1 , wherein the client module is an applet.
9. The method of claim 1 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user, wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM), and wherein the client module and the applications are applets and the server modules are servlets.
10. One or more computer-readable media that are non-transitory and that store a program, wherein the program, when executed, instructs a processor to perform the following operations:
use authentication information to open a smart card in a card reader and to initiate a secure network connection to a first server module running on a server;
call a second server module running on the server, wherein the second server module is a reprovision module identified in a command received from another server module running on the server;
receive a new application for the smart card; and
cause the smart card to delete an old application and load the new application, wherein each of the operations is performed in a single session by a client module downloaded by a web browser from the server.
11. The computer-readable media of claim 10 , further comprising the operation of:
instructing the new application to generate a Public Key Infrastructure (PKI) keypair.
12. The computer-readable media of claim 10 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user.
13. The computer-readable media of claim 9 , wherein the authentication information includes a card unique ID (CUID) received from the smart card.
14. The computer-readable media of claim 10 , wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM).
15. The computer-readable media of claim 10 , wherein the secure network connection is based at least in part on a master key for the smart card stored in a hardware security module (HSM) on the server.
16. The computer-readable media of claim 10 , wherein the applications are applets and the server modules are servlets.
17. The computer-readable media of claim 10 , wherein the client module is an applet.
18. The computer-readable media of claim 10 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user, wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM), and wherein the client module and the applications are applets and the server modules are servlets.
19. A method, comprising the operations of:
using authentication information to open a smart card in a card reader and to initiate a secure network connection to a first servlet running on a server;
calling a second servlet running on the server, wherein the second servlet is a reprovision module identified in a command received from another server module running on the server;
receiving a new applet for the smart card; and
causing the smart card to delete an old applet and load the new applet, wherein each of the operations is performed in a single session by a client module downloaded by a web browser from the server and wherein the client module executes on one or more processors.
20. The method of claim 19 , wherein the client module is an applet.
21. The method of claim 19 , further comprising the operation of:
instructing the new applet to generate a Public Key Infrastructure (PKI) keypair.
22. The method of claim 19 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user.
23. The method of claim 19 , wherein the authentication information includes a card unique ID (CUID) received from the smart card.
24. The method of claim 19 , wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM).
25. The method of claim 19 , wherein the secure network connection is based at least in part on a master key for the smart card stored in a hardware security module (HSM) on the server.
26. The method of claim 19 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user, wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM), and wherein the client module is an applet.
27. One or more computer-readable media that are non-transitory and that store a program, wherein the program, when executed, instructs a processor to perform the following operations:
use authentication information to open a smart card in a card reader and to initiate a secure network connection to a first servlet running on a server;
call a second servlet running on the server, wherein the second servlet is a reprovision module identified in a command received from another server module running on the server;
receive a new applet for the smart card; and
cause the smart card to delete an old applet and load the new applet, wherein each of the operations is performed in a single session by a client module downloaded by a web browser from the server.
28. The computer-readable media of claim 27 , wherein the client module is an applet.
29. The computer-readable media of claim 27 , further comprising the operation of:
instruct the new applet to generate a Public Key Infrastructure (PKI) keypair.
30. The computer-readable media of claim 27 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user.
31. The computer-readable media of claim 27 , wherein the authentication information includes a card unique ID (CUID) received from the smart card.
32. The computer-readable media of claim 27 , wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM).
33. The computer-readable media of claim 27 , wherein the secure network connection is based at least in part on a master key for the smart card stored in a hardware security module (HSM) on the server.
34. The computer-readable media of claim 27 , wherein the authentication information includes information from a personal identification number (PIN) entered by a user, wherein the authentication information is obtained at least in part through the use of a pluggable authentication module (PAM), and wherein the client module is an applet.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.